open-eid · metsma · Jan 25, 2025
diff --git a/MoppApp/MoppApp/ContainerSignatureCell.swift b/MoppApp/MoppApp/ContainerSignatureCell.swift
@@ -151,10 +151,10 @@ class ContainerSignatureCell: UITableViewCell {
     }
 
     private func checkSignatureValidity(signature: MoppLibSignature) -> Void {
-        if (signature.timestamp == nil) {
-            signedInfoLabel.text = ""
+        if let timestamp = ISO8601DateFormatter().date(from: signature.timestamp) {
+            signedInfoLabel.text = L(LocKey.containerSignatureSigned, [MoppDateFormatter.shared.hHmmssddMMYYYY(toString: timestamp)])
         } else {
-            signedInfoLabel.text = L(LocKey.containerSignatureSigned, [MoppDateFormatter.shared.hHmmssddMMYYYY(toString: signature.timestamp)])
+            signedInfoLabel.text = ""
         }
         if (signature.subjectName == "") {
             nameLabel.text = L(LocKey.containerTimestampInvalid)

diff --git a/MoppApp/MoppApp/ContainerViewController.swift b/MoppApp/MoppApp/ContainerViewController.swift
@@ -507,8 +507,9 @@ extension ContainerViewController : UITableViewDataSource {
         if signingContainer.isAsics(), signingContainer.dataFiles.count == 1, signingContainer.signatures.count == 1,
            let singleFile: MoppLibDataFile = signingContainer.dataFiles[0] as? MoppLibDataFile,
            singleFile.fileName.hasSuffix(ContainerFormatDdoc),
-           let singleSignature: MoppLibSignature = signingContainer.signatures[0] as? MoppLibSignature {
-            DefaultsHelper.isTimestampedDdoc = !singleSignature.timestamp.isAfter(anotherDate: calendarDate)
+           let singleSignature: MoppLibSignature = signingContainer.signatures[0] as? MoppLibSignature,
+           let timestamp = ISO8601DateFormatter().date(from: singleSignature.timestamp) {
+            DefaultsHelper.isTimestampedDdoc = !timestamp.isAfter(anotherDate: calendarDate)
             return
         } else if signingContainer.isDdoc(), state != .preview {
             DefaultsHelper.isTimestampedDdoc = false

diff --git a/MoppApp/MoppApp/MobileIDChallengeViewController.swift b/MoppApp/MoppApp/MobileIDChallengeViewController.swift
@@ -33,7 +33,6 @@ class MobileIDChallengeViewController : UIViewController {
     @IBOutlet weak var helpLabel: UILabel!
 
     var challengeID = String()
-    var sessCode = String()
 
     var currentProgress: Double = 0.0
     var sessionTimer: Timer?
@@ -144,14 +143,12 @@ class MobileIDChallengeViewController : UIViewController {
 
     @objc func receiveMobileCreateSignatureNotification(_ notification: Notification) {
 
-        guard let response = notification.userInfo?[kCreateSignatureResponseKey] as? MoppLibMobileCreateSignatureResponse else {
+        guard let challengeID = notification.userInfo?[kCreateSignatureResponseKey] as? String else {
             return
         }
 
-        challengeID = response.challengeId!
-        sessCode = "\(Int(response.sessCode))"
         challengeIdNumbers = Array<Character>(challengeID)
-        
+
         let challengeIdAccessibilityLabel: NSAttributedString = NSAttributedString(string: "\(L(.signingProgress)) \(Int(0))%. \((L(LocKey.challengeCodeLabelAccessibility, [String(challengeIdNumbers[0]), String(challengeIdNumbers[1]), String(challengeIdNumbers[2]), String(challengeIdNumbers[3])]))). \(self.helpLabel.text!)", attributes: [.accessibilitySpeechQueueAnnouncement: true])
 
         codeLabel.text = L(LocKey.challengeCodeLabel, [challengeID])

diff --git a/MoppApp/MoppApp/MobileIDSignature.swift b/MoppApp/MoppApp/MobileIDSignature.swift
@@ -61,7 +61,7 @@ class MobileIDSignature {
         })
     }
 
-    private func getCertificate(baseUrl: String, uuid: String, phoneNumber: String, nationalIdentityNumber: String, containerPath: String, roleData: MoppLibRoleAddressData?, trustedCertificates: [String]?, completionHandler: @escaping (String, String) -> Void) {
+    private func getCertificate(baseUrl: String, uuid: String, phoneNumber: String, nationalIdentityNumber: String, containerPath: String, roleData: MoppLibRoleAddressData?, trustedCertificates: [String]?, completionHandler: @escaping (Data, Data) -> Void) {
 
         if RequestCancel.shared.isRequestCancelled() {
             return CancelUtil.handleCancelledRequest(errorMessageDetails: "User cancelled Mobile-ID signing")
@@ -112,7 +112,7 @@ class MobileIDSignature {
             }
 
             // MARK: Get hash
-            guard let hash: String = self.getHash(cert: cert, containerPath: containerPath, roleData: roleData) else {
+            guard let hash = self.getHash(cert: cert, containerPath: containerPath, roleData: roleData) else {
                 printLog("\nRIA.MobileID - Error getting hash. Is 'cert' empty: \(cert.isEmpty). ContainerPath: \(containerPath)\n")
                 return ErrorUtil.generateError(signingError: .generalError, details: MessageUtil.errorMessageWithDetails(details: "Unable to get hash"))
             }
@@ -121,13 +121,13 @@ class MobileIDSignature {
 
             // MARK: Get control / verification code
             printLog("\nRIA.MobileID - Getting control code\n")
-            self.setupControlCode()
+            self.setupControlCode(dataToSign: hash)
 
             completionHandler(hash, cert)
         }
     }
 
-    private func getSession(baseUrl: String, uuid: String, phoneNumber: String, nationalIdentityNumber: String, hash: String, hashType: String, language: String, trustedCertificates: [String]?, completionHandler: @escaping (String) -> Void) {
+    private func getSession(baseUrl: String, uuid: String, phoneNumber: String, nationalIdentityNumber: String, hash: Data, hashType: String, language: String, trustedCertificates: [String]?, completionHandler: @escaping (String) -> Void) {
 
         if RequestCancel.shared.isRequestCancelled() {
             return CancelUtil.handleCancelledRequest(errorMessageDetails: "User cancelled Mobile-ID signing")
@@ -172,7 +172,7 @@ class MobileIDSignature {
         }
     }
 
-    private func getSessionStatus(baseUrl: String, sessionId: String, cert: String, trustedCertificates: [String]?, completionHandler: @escaping (String) -> Void) {
+    private func getSessionStatus(baseUrl: String, sessionId: String, cert: Data, trustedCertificates: [String]?, completionHandler: @escaping (Data) -> Void) {
 
         if RequestCancel.shared.isRequestCancelled() {
             return CancelUtil.handleCancelledRequest(errorMessageDetails: "User cancelled Mobile-ID signing")
@@ -231,7 +231,7 @@ class MobileIDSignature {
     }
 
     // MARK: Signature validation
-    private func validateSignature(cert: String, signatureValue: String) -> Void {
+    private func validateSignature(cert: Data, signatureValue: Data) -> Void {
         printLog("RIA.MobileID - Validating signature...:\n" +
             "\tCert: \(cert)\n" +
             "\tSignature value: \(signatureValue)\n"
@@ -270,28 +270,24 @@ class MobileIDSignature {
     }
 
     // MARK: Control / verification code setup
-    private func setupControlCode() {
-        guard let verificationCode = self.getVerificationCode() else {
+    private func setupControlCode(dataToSign: Data) {
+        guard let verificationCode = ControlCode.shared.getVerificationCode(hash: dataToSign) else {
             printLog("\nRIA.MobileID - Failed to get verification code\n")
             return ErrorUtil.generateError(signingError: .generalError, details: MessageUtil.errorMessageWithDetails(details: "Failed to get verification code"))
         }
-        
+
         DispatchQueue.main.async {
-            let response: MoppLibMobileCreateSignatureResponse = MoppLibMobileCreateSignatureResponse()
-            response.challengeId = verificationCode
-            DispatchQueue.main.async {
-                NotificationCenter.default.post(
-                    name: .createSignatureNotificationName,
-                    object: nil,
-                    userInfo: [kCreateSignatureResponseKey: response]
-                )
-            }
+            NotificationCenter.default.post(
+                name: .createSignatureNotificationName,
+                object: nil,
+                userInfo: [kCreateSignatureResponseKey: verificationCode]
+            )
         }
     }
 
     // MARK: Get hash
-    private func getHash(cert: String, containerPath: String, roleData: MoppLibRoleAddressData?) -> String? {
-        guard let hash: String = MoppLibManager.prepareSignature(cert, containerPath: containerPath, roleData: roleData) else {
+    private func getHash(cert: Data, containerPath: String, roleData: MoppLibRoleAddressData?) -> Data? {
+        guard let hash = MoppLibManager.prepareSignature(cert, containerPath: containerPath, roleData: roleData) else {
             printLog("RIA.MobileID - Failed to get hash:\n" +
                 "\tCert: \(cert)\n" +
                 "\tContainer path: \(containerPath)\n"
@@ -303,16 +299,7 @@ class MobileIDSignature {
 
         return hash
     }
-
-    // MARK: Get verification code
-    private func getVerificationCode() -> String? {
-        guard let dataToSign = MoppLibManager.getDataToSign(), let verificationCode: String = ControlCode.shared.getVerificationCode(hash: dataToSign) else {
-            ErrorUtil.generateError(signingError: .generalError, details: MessageUtil.errorMessageWithDetails(details: "Failed to get verification code"))
-            return nil
-        }
-        return verificationCode
-    }
-
+
     // MARK: Handle session status error
     private func handleSessionStatusError(sessionResultCode: SessionResultCode) -> SigningError {
         switch sessionResultCode {

diff --git a/MoppApp/MoppApp/MoppApp-Bridging-Header.h b/MoppApp/MoppApp/MoppApp-Bridging-Header.h
@@ -4,6 +4,5 @@
 
 #import <MoppLib/MoppLib.h>
 #import <MoppLib/MoppLibConstants.h>
-#import <MoppLib/MoppLibMobileCreateSignatureResponse.h>
 #import <MoppLib/MoppLibCardReaderManager.h>
 #import <MoppLib/MoppLibProxyConfiguration.h>
diff --git a/MoppApp/MoppApp/MyeIDInfoManager.swift b/MoppApp/MoppApp/MyeIDInfoManager.swift
@@ -220,7 +220,7 @@ class MyeIDInfoManager {
         guard let personalData = personalData else { return }
         let certOrganization = authCertData?.organization ?? MoppLibCertificateOrganization.Unknown
         personalInfo.items.append((type: .myeID, value: organizationDisplayString(certOrganization)))
-        personalInfo.items.append((type: .givenNames, value: personalData.givenNames()))
+        personalInfo.items.append((type: .givenNames, value: personalData.givenNames))
         personalInfo.items.append((type: .surname, value: personalData.surname))
         personalInfo.items.append((type: .personalCode, value: personalData.personalIdentificationCode))
         personalInfo.items.append((type: .citizenship, value: personalData.nationality))

diff --git a/MoppApp/MoppApp/NFCSignature.swift b/MoppApp/MoppApp/NFCSignature.swift
@@ -169,7 +169,7 @@ class NFCSignature : NSObject, NFCTagReaderSessionDelegate {
                 }
 
                 printLog("Cert reading done")
-                guard let hash = MoppLibManager.prepareSignature(cert.base64EncodedString(), containerPath: containerPath, roleData: roleInfo) else {
+                guard let hash = MoppLibManager.prepareSignature(cert, containerPath: containerPath, roleData: roleInfo) else {
                     return setSessionMessage(L(.nfcSignFailed), invalidate: true)
                 }
                 roleInfo = nil
@@ -178,9 +178,9 @@ class NFCSignature : NSObject, NFCTagReaderSessionDelegate {
                 pin.replaceSubrange(0..<PIN!.count, with: PIN!.utf8)
                 _ = try await sendWrapped(tag: tag, cls: 0x00, ins: 0x22, p1: 0x41, p2: 0xb6, data: Bytes(hex: "80015484019f")!)
                 _ = try await sendWrapped(tag: tag, cls: 0x00, ins: 0x20, p1: 0x00, p2: 0x85, data: pin)
-                let signatureValue = try await sendWrapped(tag: tag, cls:0x00, ins: 0x2A, p1: 0x9E, p2: 0x9A, data: Bytes(Data(base64Encoded: hash)!), le: 256);
+                let signatureValue = try await sendWrapped(tag: tag, cls:0x00, ins: 0x2A, p1: 0x9E, p2: 0x9A, data: Bytes(hash), le: 256);
                 printLog("\nRIA.NFC - Validating signature...\n")
-                MoppLibManager.isSignatureValid(cert.base64EncodedString(), signatureValue: signatureValue.base64EncodedString(), success: { _ in
+                MoppLibManager.isSignatureValid(cert, signatureValue: signatureValue, success: { _ in
                     printLog("\nRIA.NFC - Successfully validated signature!\n")
                     DispatchQueue.main.asyncAfter(deadline: .now() + 1) {
                         NotificationCenter.default.post(

diff --git a/MoppApp/MoppApp/Session.swift b/MoppApp/MoppApp/Session.swift
@@ -27,7 +27,7 @@ import SkSigningLib
 class Session {
     static let shared: Session = Session()
 
-    func getSession(baseUrl: String, uuid: String, phoneNumber: String, nationalIdentityNumber: String, hash: String, hashType: String, language: String, trustedCertificates: [String]?, completionHandler: @escaping (Result<SessionResponse, SigningError>) -> Void) -> Void {
+    func getSession(baseUrl: String, uuid: String, phoneNumber: String, nationalIdentityNumber: String, hash: Data, hashType: String, language: String, trustedCertificates: [String]?, completionHandler: @escaping (Result<SessionResponse, SigningError>) -> Void) -> Void {
         do {
             _ = try RequestSession.shared.getSession(baseUrl: baseUrl, requestParameters: SessionRequestParameters(relyingPartyName: kRelyingPartyName, relyingPartyUUID: uuid, phoneNumber: "+\(phoneNumber)", nationalIdentityNumber: nationalIdentityNumber, hash: hash, hashType: hashType, language: language, displayText: L(.simToolkitSignDocumentTitle).asUnicode, displayTextFormat: DefaultsHelper.moppLanguageID == "ru" ? kAlternativeDisplayTextFormat : kDisplayTextFormat), trustedCertificates: trustedCertificates, manualProxyConf: ManualProxy.getManualProxyConfiguration()) { (sessionResult) in
 

diff --git a/MoppApp/MoppApp/SmartIDSignature.swift b/MoppApp/MoppApp/SmartIDSignature.swift
@@ -61,7 +61,7 @@ class SmartIDSignature {
         }
     }
 
-    private func getCertificate(baseUrl: String, country: String, nationalIdentityNumber: String, requestParameters: SIDCertificateRequestParameters, containerPath: String, roleData: MoppLibRoleAddressData?, trustedCertificates: [String], errorHandler: @escaping (SigningError, String) -> Void, completionHandler: @escaping (String, String, String) -> Void) {
+    private func getCertificate(baseUrl: String, country: String, nationalIdentityNumber: String, requestParameters: SIDCertificateRequestParameters, containerPath: String, roleData: MoppLibRoleAddressData?, trustedCertificates: [String], errorHandler: @escaping (SigningError, String) -> Void, completionHandler: @escaping (String, Data, Data) -> Void) {
         printLog("Getting certificate...")
 
         if RequestCancel.shared.isRequestCancelled() {
@@ -96,7 +96,7 @@ class SmartIDSignature {
         }
     }
 
-    private func getSignature(baseUrl: String, documentNumber: String, allowedInteractionsOrder: SIDSignatureRequestParameters, trustedCertificates: [String], errorHandler: @escaping (SigningError, String) -> Void, completionHandler: @escaping (String) -> Void) {
+    private func getSignature(baseUrl: String, documentNumber: String, allowedInteractionsOrder: SIDSignatureRequestParameters, trustedCertificates: [String], errorHandler: @escaping (SigningError, String) -> Void, completionHandler: @escaping (Data) -> Void) {
         printLog("Getting signature...")
 
         if RequestCancel.shared.isRequestCancelled() {
@@ -169,7 +169,7 @@ class SmartIDSignature {
         }
     }
 
-    private func validateSignature(cert: String, signatureValue: String) -> Void {
+    private func validateSignature(cert: Data, signatureValue: Data) -> Void {
         printLog("\nRIA.SmartID - Validating signature...\n")
         MoppLibManager.isSignatureValid(cert, signatureValue: signatureValue, success: { (_) in
             printLog("\nRIA.SmartID - Successfully validated signature!\n")
@@ -207,14 +207,12 @@ class SmartIDSignature {
         })
     }
 
-    private func setupControlCode(certificateValue: String, containerPath: String, roleData: MoppLibRoleAddressData?) -> String? {
+    private func setupControlCode(certificateValue: Data, containerPath: String, roleData: MoppLibRoleAddressData?) -> Data? {
         guard let hash = MoppLibManager.prepareSignature(certificateValue, containerPath: containerPath, roleData: roleData) else {
             return nil
         }
-
-        guard let hashData = Data(base64Encoded: hash) else { return nil }
-
-        let digest = sha256(data: hashData)
+
+        let digest = sha256(data: hash)
         let code = UInt16(digest[digest.count - 2]) << 8 | UInt16(digest[digest.count - 1])
         let challengeId = String(format: "%04d", (code % 10000))
         DispatchQueue.main.async {